RE: Designing Network Security

["Erin Carroll" <amoeba () amoebazone com>]

This probably isn't the best place to get information on network design and
planning but we *can* discuss what topologies or technologies we've seen
work well from our pen-testing experience. Pen-testers have a unique view of
network design since we are the ones who actually test the stuff out there
in the real world. Well list? 

For instance, I have a personal bias against Cisco PIX firewalls and MS ISS
web servers since a large majority of the ones I've run across doing
pen-tests have been misconfigured and full of holes. I'm not saying that the
products can't be locked down and effective, just that it's not what I
normally find in the real world.

--
Erin Carroll
Moderator
SecurityFocus pen-test list
"Do Not Taunt Happy-Fun Ball" 
 

> -----Original Message-----
> From: kaushik [mailto:kaushik.mamania () dg2l com] 
> Sent: Thursday, January 05, 2006 10:44 PM
> To: pen-test () securityfocus com
> Subject: Designing Network Security
>
> Hello List,
>
> May be this is not the right list to post. Since we need to 
> protect ourselves from crackers, malicious traffic am taking 
> the liberty to post here.
>
> We need to redesign the network. We need to place a web 
> server, mail server , VOIP server within the DMZ and also put 
> an IDS in place.
>
> How should one go about designing the same.
>
> Have to concentrate on protecting the Intellectual Property 
> as well since we are a R&D center.
> Will need some good policies for the same.
>
> Can some one direct me to good online resources in the vast 
> sea available.
>
> Warm Regards
> Kaushik
>
> --
> This message has been scanned for viruses and dangerous 
> content by MailScanner, and is believed to be clean.
>
>
> --------------------------------------------------------------
> ----------------
> Audit your website security with Acunetix Web Vulnerability Scanner: 
>
> Hackers are concentrating their efforts on attacking 
> applications on your 
> website. Up to 75% of cyber attacks are launched on shopping 
> carts, forms, 
> login pages, dynamic content etc. Firewalls, SSL and 
> locked-down servers are 
> futile against web application hacking. Check your website 
> for vulnerabilities 
> to SQL injection, Cross site scripting and other web attacks 
> before hackers do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------
> -----------------
>
> -- 
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.371 / Virus Database: 267.14.14/222 - Release 
> Date: 1/5/2006
>  

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.14/222 - Release Date: 1/5/2006
 


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------